Hackers thrive on confusion and distraction, so it is important that with all the focus on coronavirus, registered investment advisors and broker-dealers remain on high alert against cyber attacks, according to attorneys at Eversheds Sutherland, a law firm that specializes in securities compliance.

“Bad actors thrive amidst chaos and distraction, so despite—and precisely because of—all that is going on with coronavirus, it is important to remember the dangers hackers pose and to be prepared to respond to those threats,” Michael Bahar, a partner at the firm, said in a new risk alert.

With so many employees working from home, firms should take a series of quick, simple and crucial actions to improve cyber preparedness and response, Bahar said. Critical steps include the following:

• Ensure employees are reminded of the critical need for cyber hygiene, especially when teleworking.
• Confirm that cyber incident response teams have hard-copy access to response plans at home, not just in the office.
• Ensure that key members have a good sense of the regulatory and contractual notification obligations in the event of a breach (or know whom to call who does). There is no guarantee that regulators or counterparties will grant leniency for failing to know or meet notification deadlines because of coronavirus-related distraction.

Bahar said it is also important to warn employees and contractors to be wary of clicking on links embedded in emails and entering in credentials.

“There is no doubt we will see an uptick in phishing emails appearing to come from the Centers for Disease Control, the World Health Organization, other health-related organizations, or even from companies’ own HR departments. Employees should be advised to look carefully at the sender’s email address (especially after the @ symbol), and to hover cursors over links to see where they really resolve,” he said.

It is also critical for firms to ensure proper remote access. “Accessing company servers remotely without using a secure connection, such as a virtual private network, exposes those servers to hackers. If employees are working from home because of the virus and have not enabled security features on their home WiFi, and are not logging in via a secure connection, the individual and the company are more vulnerable to cyber attacks,” Bahar said.

No matter how many reminders you give, however, someone will always click on a link they shouldn’t, or access internal networks inappropriately, he added. It is how the wider team reacts and responds to attacks that makes all the difference.